Re: Digital Certificate "There are problems with the signature"

Tech-Archive recommends: Fix windows errors by optimizing your registry

Forwarded from public.security forum:

Jeff B. wrote:
I can't come up with any clear answer on this question. Limited
testing with the my wife's work mail scanner revealed that their mail
scanner appends all unsigned/unencrypted "incoming" mail "body text"
with the NOD32 signature.
But, when I send a signed or encrypted message, those messages do - not
- get appended with the NOD32 signature. Thus, they apparently do not
get altered and there are no errors encountered.
But this is a very limited test and I expect many different scanners
deal with signed/encrypted messages differently.

To the original poster of this thread:

- Find out who the 3rd party scanner is.
- Talk to their scanner administrator about the possibility their
scanner is corrupting message content because of altered message
content or appended text.
- Try finding another scanner service who will work with you on solving
the problem

It would be interesting to hear from someone who has real experience
with this issue...



Jeff B. wrote:
From my experience, mail scanners (usually virus scanners - sometimes
content scanners) often only read the outgoing message. Others, append
every message with text that inidicates to the recipient that the
message has been scanned and "approved" as virus free by the scanner
(to give you a warm and fuzzy secure feeling).

For example, NOD32 appends body text as follows:

"
__________ NOD32 1.1742 (20060906) Information __________

This message was checked by NOD32 antivirus system.
http://www.eset.com
"

The above text was copied from a message I recieved from my wife's work
mail scanner.
However, I am using Norton AV2006. Norton scans my incoming and
outgoing messages, but does not append or alter any content (to my
knowledge).
If Norton finds a virus, it hijacks the message and quarantines it and
opens a windows dialogue box indicating so.

But, I don't know digitally signed messages or encrypted messages
respond to scanners trying to append them. I am trying to test that
out now...



QuidnuncSimcha wrote:
Hello,

Forgive me for asking such a question....If "all" mail is "scanned",
wouldn't "all" mail be appendened?

or

If mail is scanned, then mail is appended with a "generic message"
...in the above case, it would seem that all mail would have a problem.

if mail is scanned and a filter only adds warning in specific cases
(keywords/characters), then some messages will be affected

Your filter may be "changing" the text and causing the problem

Sorry, I didn't help You a bit. I am nowhere near an expert, but you may
want to elaborate on the "all" and one/USERS area.




"pretzel" wrote:

Dear All,

We are testing out Digital Certificates as a prelude to Secure Messaging
with some of our Clients.

We obtained individual certificates for ourselves (as there is not many of
us) but started our Client on a Business account with a CA.

After setting up one of their users we notice that most times their email is
fine, but other times instead of the usual "rosette" there is a red line and
the statement "There are problems with the signature. Click the signature
button for details."

The message in the Security Properties is "Error: The message contents may
have been altered. Signed by sa@<client domain here>.com using RSA/SHA1 at
15:05:47 16/08/2006."

As we use an external mail filter (so all our mail is scanned in transit) we
believe that the scanning by our mail filter is causing the Digital
Certificate to detect a modification (or attempt) and hence the error.

My questions are:

1) Is the above assumption correct, and this is normal?

2) Is there anything that can be done to elimiate this (if caused by an
external mail scanner perhaps not)

3)If we move to Secure Messaging where the email is encrypted and hence
cannot be scanned by our mail filter, should I presume that the above error
will not appear and that all will be OK (at least as much as it should be)?

thanks

-----
pbw

.

Quantcast